diff --git a/jspblog/src/main/java/com/example/jspblog/config/ForbiddenUrlConfig.java b/jspblog/src/main/java/com/example/jspblog/config/ForbiddenUrlConfig.java
new file mode 100644
index 00000000..cc29250a
--- /dev/null
+++ b/jspblog/src/main/java/com/example/jspblog/config/ForbiddenUrlConfig.java
@@ -0,0 +1,23 @@
+package com.example.jspblog.config;
+
+import javax.servlet.*;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.io.PrintWriter;
+
+public class ForbiddenUrlConfig implements Filter {
+
+    public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws ServletException, IOException {
+        HttpServletRequest request = (HttpServletRequest) req;
+        HttpServletResponse response = (HttpServletResponse) resp;
+
+        if (request.getRequestURI().equals("/jspblog/") || request.getRequestURI().equals("/jspblog/index.jsp")) {
+            chain.doFilter(request, response);
+        } else {
+            PrintWriter out = response.getWriter();
+            out.print("잘못된 접근입니다.");
+            out.flush();
+        }
+    }
+}
diff --git a/jspblog/src/main/java/com/example/jspblog/web/UserController.java b/jspblog/src/main/java/com/example/jspblog/web/UserController.java
index a942bc36..f919fe77 100644
--- a/jspblog/src/main/java/com/example/jspblog/web/UserController.java
+++ b/jspblog/src/main/java/com/example/jspblog/web/UserController.java
@@ -32,7 +32,7 @@ public class UserController extends HttpServlet {
 
         switch (cmd) {
             case "loginForm":
-                response.sendRedirect("user/loginForm.jsp");
+                request.getRequestDispatcher("user/loginForm.jsp").forward(request, response);
                 break;
             case "login": {
                 String username = request.getParameter("username");
@@ -50,7 +50,7 @@ public class UserController extends HttpServlet {
                 break;
             }
             case "joinForm":
-                response.sendRedirect("user/joinForm.jsp");
+                request.getRequestDispatcher("user/joinForm.jsp").forward(request, response);
                 break;
             case "join": {
                 String username = request.getParameter("username");
diff --git a/jspblog/src/main/webapp/WEB-INF/web.xml b/jspblog/src/main/webapp/WEB-INF/web.xml
index 74f92925..8487619a 100644
--- a/jspblog/src/main/webapp/WEB-INF/web.xml
+++ b/jspblog/src/main/webapp/WEB-INF/web.xml
@@ -16,9 +16,17 @@
         <filter-name>charConfig</filter-name>
         <filter-class>com.example.jspblog.config.CharConfig</filter-class>
     </filter>
+    <filter>
+        <filter-name>forbiddenUrlConfig</filter-name>
+        <filter-class>com.example.jspblog.config.ForbiddenUrlConfig</filter-class>
+    </filter>
 
     <filter-mapping>
         <filter-name>charConfig</filter-name>
         <url-pattern>/*</url-pattern>
     </filter-mapping>
+    <filter-mapping>
+        <filter-name>forbiddenUrlConfig</filter-name>
+        <url-pattern>*.jsp</url-pattern>
+    </filter-mapping>
 </web-app>
\ No newline at end of file
diff --git a/jspblog/src/main/webapp/index.jsp b/jspblog/src/main/webapp/index.jsp
index 50b84c1e..5bd8013d 100644
--- a/jspblog/src/main/webapp/index.jsp
+++ b/jspblog/src/main/webapp/index.jsp
@@ -1,5 +1,5 @@
 <%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" %>
 
 <%
-    response.sendRedirect("board/list.jsp");
+    request.getRequestDispatcher("board/list.jsp").forward(request, response);
 %>
\ No newline at end of file